From 8751fb4bb1eb7cd34ed63be9b3801b8aeac71a1d Mon Sep 17 00:00:00 2001 From: Wim Date: Sat, 11 Jun 2022 23:07:42 +0200 Subject: Update dependencies (#1841) --- vendor/github.com/pelletier/go-toml/README.md | 6 +-- vendor/github.com/pelletier/go-toml/SECURITY.md | 19 +++++++++ vendor/github.com/pelletier/go-toml/marshal.go | 2 +- vendor/github.com/pelletier/go-toml/parser.go | 47 +++++++++++----------- vendor/github.com/pelletier/go-toml/toml.go | 2 +- vendor/github.com/pelletier/go-toml/v2/LICENSE | 2 +- vendor/github.com/pelletier/go-toml/v2/README.md | 20 ++++----- .../github.com/pelletier/go-toml/v2/marshaler.go | 18 +++++++-- .../github.com/pelletier/go-toml/v2/unmarshaler.go | 38 ++++++++++++----- 9 files changed, 98 insertions(+), 56 deletions(-) create mode 100644 vendor/github.com/pelletier/go-toml/SECURITY.md (limited to 'vendor/github.com/pelletier') diff --git a/vendor/github.com/pelletier/go-toml/README.md b/vendor/github.com/pelletier/go-toml/README.md index 6c061712..7399e04b 100644 --- a/vendor/github.com/pelletier/go-toml/README.md +++ b/vendor/github.com/pelletier/go-toml/README.md @@ -25,9 +25,9 @@ and [much faster][v2-bench]. If you only need reading and writing TOML documents (majority of cases), those features are implemented and the API unlikely to change. -The remaining features (Document structure editing and tooling) will be added -shortly. While pull-requests are welcome on v1, no active development is -expected on it. When v2.0.0 is released, v1 will be deprecated. +The remaining features will be added shortly. While pull-requests are welcome on +v1, no active development is expected on it. When v2.0.0 is released, v1 will be +deprecated. 👉 [go-toml v2][v2] diff --git a/vendor/github.com/pelletier/go-toml/SECURITY.md b/vendor/github.com/pelletier/go-toml/SECURITY.md new file mode 100644 index 00000000..b2f21cfc --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/SECURITY.md @@ -0,0 +1,19 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ---------- | ------------------ | +| Latest 2.x | :white_check_mark: | +| All 1.x | :x: | +| All 0.x | :x: | + +## Reporting a Vulnerability + +Email a vulnerability report to `security@pelletier.codes`. Make sure to include +as many details as possible to reproduce the vulnerability. This is a +side-project: I will try to get back to you as quickly as possible, time +permitting in my personal life. Providing a working patch helps very much! diff --git a/vendor/github.com/pelletier/go-toml/marshal.go b/vendor/github.com/pelletier/go-toml/marshal.go index 3443c354..57127304 100644 --- a/vendor/github.com/pelletier/go-toml/marshal.go +++ b/vendor/github.com/pelletier/go-toml/marshal.go @@ -1113,7 +1113,7 @@ func (d *Decoder) valueFromToml(mtype reflect.Type, tval interface{}, mval1 *ref return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v", tval, tval, mtype.String()) } - if val.Convert(reflect.TypeOf(int(1))).Int() < 0 { + if val.Type().Kind() != reflect.Uint64 && val.Convert(reflect.TypeOf(int(1))).Int() < 0 { return reflect.ValueOf(nil), fmt.Errorf("%v(%T) is negative so does not fit in %v", tval, tval, mtype.String()) } if reflect.Indirect(reflect.New(mtype)).OverflowUint(val.Convert(reflect.TypeOf(uint64(0))).Uint()) { diff --git a/vendor/github.com/pelletier/go-toml/parser.go b/vendor/github.com/pelletier/go-toml/parser.go index f5e1a44f..b3726d0d 100644 --- a/vendor/github.com/pelletier/go-toml/parser.go +++ b/vendor/github.com/pelletier/go-toml/parser.go @@ -293,42 +293,41 @@ func (p *tomlParser) parseRvalue() interface{} { return math.NaN() case tokenInteger: cleanedVal := cleanupNumberToken(tok.val) - var err error - var val int64 + base := 10 + s := cleanedVal + checkInvalidUnderscore := numberContainsInvalidUnderscore if len(cleanedVal) >= 3 && cleanedVal[0] == '0' { switch cleanedVal[1] { case 'x': - err = hexNumberContainsInvalidUnderscore(tok.val) - if err != nil { - p.raiseError(tok, "%s", err) - } - val, err = strconv.ParseInt(cleanedVal[2:], 16, 64) + checkInvalidUnderscore = hexNumberContainsInvalidUnderscore + base = 16 case 'o': - err = numberContainsInvalidUnderscore(tok.val) - if err != nil { - p.raiseError(tok, "%s", err) - } - val, err = strconv.ParseInt(cleanedVal[2:], 8, 64) + base = 8 case 'b': - err = numberContainsInvalidUnderscore(tok.val) - if err != nil { - p.raiseError(tok, "%s", err) - } - val, err = strconv.ParseInt(cleanedVal[2:], 2, 64) + base = 2 default: panic("invalid base") // the lexer should catch this first } - } else { - err = numberContainsInvalidUnderscore(tok.val) - if err != nil { - p.raiseError(tok, "%s", err) - } - val, err = strconv.ParseInt(cleanedVal, 10, 64) + s = cleanedVal[2:] } + + err := checkInvalidUnderscore(tok.val) if err != nil { p.raiseError(tok, "%s", err) } - return val + + var val interface{} + val, err = strconv.ParseInt(s, base, 64) + if err == nil { + return val + } + + if s[0] != '-' { + if val, err = strconv.ParseUint(s, base, 64); err == nil { + return val + } + } + p.raiseError(tok, "%s", err) case tokenFloat: err := numberContainsInvalidUnderscore(tok.val) if err != nil { diff --git a/vendor/github.com/pelletier/go-toml/toml.go b/vendor/github.com/pelletier/go-toml/toml.go index 6d82587c..5541b941 100644 --- a/vendor/github.com/pelletier/go-toml/toml.go +++ b/vendor/github.com/pelletier/go-toml/toml.go @@ -471,7 +471,7 @@ func LoadBytes(b []byte) (tree *Tree, err error) { if _, ok := r.(runtime.Error); ok { panic(r) } - err = errors.New(r.(string)) + err = fmt.Errorf("%s", r) } }() diff --git a/vendor/github.com/pelletier/go-toml/v2/LICENSE b/vendor/github.com/pelletier/go-toml/v2/LICENSE index 3a38ac28..6839d51c 100644 --- a/vendor/github.com/pelletier/go-toml/v2/LICENSE +++ b/vendor/github.com/pelletier/go-toml/v2/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2013 - 2021 Thomas Pelletier, Eric Anderton +Copyright (c) 2013 - 2022 Thomas Pelletier, Eric Anderton Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/vendor/github.com/pelletier/go-toml/v2/README.md b/vendor/github.com/pelletier/go-toml/v2/README.md index ca5b5ced..a63c3a79 100644 --- a/vendor/github.com/pelletier/go-toml/v2/README.md +++ b/vendor/github.com/pelletier/go-toml/v2/README.md @@ -4,17 +4,6 @@ Go library for the [TOML](https://toml.io/en/) format. This library supports [TOML v1.0.0](https://toml.io/en/v1.0.0). -## Development status - -This is the upcoming major version of go-toml. It is currently in active -development. As of release v2.0.0-beta.1, the library has reached feature parity -with v1, and fixes a lot known bugs and performance issues along the way. - -If you do not need the advanced document editing features of v1, you are -encouraged to try out this version. - -[👉 Roadmap for v2](https://github.com/pelletier/go-toml/discussions/506) - [🐞 Bug Reports](https://github.com/pelletier/go-toml/issues) [💬 Anything else](https://github.com/pelletier/go-toml/discussions) @@ -49,7 +38,7 @@ operations should not be shockingly slow. See [benchmarks](#benchmarks). ### Strict mode `Decoder` can be set to "strict mode", which makes it error when some parts of -the TOML document was not prevent in the target structure. This is a great way +the TOML document was not present in the target structure. This is a great way to check for typos. [See example in the documentation][strict]. [strict]: https://pkg.go.dev/github.com/pelletier/go-toml/v2#example-Decoder.DisallowUnknownFields @@ -551,6 +540,13 @@ complete solutions exist out there. [query]: https://github.com/pelletier/go-toml/tree/f99d6bbca119636aeafcf351ee52b3d202782627/query [dasel]: https://github.com/TomWright/dasel +## Versioning + +Go-toml follows [Semantic Versioning](http://semver.org/). The supported version +of [TOML](https://github.com/toml-lang/toml) is indicated at the beginning of +this document. The last two major versions of Go are supported +(see [Go Release Policy](https://golang.org/doc/devel/release.html#policy)). + ## License The MIT License (MIT). Read [LICENSE](LICENSE). diff --git a/vendor/github.com/pelletier/go-toml/v2/marshaler.go b/vendor/github.com/pelletier/go-toml/v2/marshaler.go index 91f3b3c2..c14c1cea 100644 --- a/vendor/github.com/pelletier/go-toml/v2/marshaler.go +++ b/vendor/github.com/pelletier/go-toml/v2/marshaler.go @@ -128,7 +128,8 @@ func (enc *Encoder) SetIndentTables(indent bool) *Encoder { // // In addition to the "toml" tag struct tag, a "comment" tag can be used to emit // a TOML comment before the value being annotated. Comments are ignored inside -// inline tables. +// inline tables. For array tables, the comment is only present before the first +// element of the array. func (enc *Encoder) Encode(v interface{}) error { var ( b []byte @@ -652,10 +653,19 @@ func (enc *Encoder) encodeStruct(b []byte, ctx encoderCtx, v reflect.Value) ([]b } func (enc *Encoder) encodeComment(indent int, comment string, b []byte) []byte { - if comment != "" { + for len(comment) > 0 { + var line string + idx := strings.IndexByte(comment, '\n') + if idx >= 0 { + line = comment[:idx] + comment = comment[idx+1:] + } else { + line = comment + comment = "" + } b = enc.indent(indent, b) b = append(b, "# "...) - b = append(b, comment...) + b = append(b, line...) b = append(b, '\n') } return b @@ -881,6 +891,8 @@ func (enc *Encoder) encodeSliceAsArrayTable(b []byte, ctx encoderCtx, v reflect. scratch = append(scratch, "]]\n"...) ctx.skipTableHeader = true + b = enc.encodeComment(ctx.indent, ctx.options.comment, b) + for i := 0; i < v.Len(); i++ { b = append(b, scratch...) diff --git a/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go b/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go index 2219f704..b3596f6d 100644 --- a/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go +++ b/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go @@ -866,12 +866,27 @@ func (d *decoder) unmarshalFloat(value *ast.Node, v reflect.Value) error { return nil } -func (d *decoder) unmarshalInteger(value *ast.Node, v reflect.Value) error { - const ( - maxInt = int64(^uint(0) >> 1) - minInt = -maxInt - 1 - ) +const ( + maxInt = int64(^uint(0) >> 1) + minInt = -maxInt - 1 +) + +// Maximum value of uint for decoding. Currently the decoder parses the integer +// into an int64. As a result, on architectures where uint is 64 bits, the +// effective maximum uint we can decode is the maximum of int64. On +// architectures where uint is 32 bits, the maximum value we can decode is +// lower: the maximum of uint32. I didn't find a way to figure out this value at +// compile time, so it is computed during initialization. +var maxUint int64 = math.MaxInt64 + +func init() { + m := uint64(^uint(0)) + if m < uint64(maxUint) { + maxUint = int64(m) + } +} +func (d *decoder) unmarshalInteger(value *ast.Node, v reflect.Value) error { i, err := parseInteger(value.Data) if err != nil { return err @@ -932,7 +947,7 @@ func (d *decoder) unmarshalInteger(value *ast.Node, v reflect.Value) error { r = reflect.ValueOf(uint8(i)) case reflect.Uint: - if i < 0 { + if i < 0 || i > maxUint { return fmt.Errorf("toml: negative number %d does not fit in an uint", i) } @@ -1167,11 +1182,6 @@ func forEachField(t reflect.Type, path []int, do func(name string, path []int)) fieldPath := append(path, i) fieldPath = fieldPath[:len(fieldPath):len(fieldPath)] - if f.Anonymous { - forEachField(f.Type, fieldPath, do) - continue - } - name := f.Tag.Get("toml") if name == "-" { continue @@ -1180,6 +1190,12 @@ func forEachField(t reflect.Type, path []int, do func(name string, path []int)) if i := strings.IndexByte(name, ','); i >= 0 { name = name[:i] } + + if f.Anonymous && name == "" { + forEachField(f.Type, fieldPath, do) + continue + } + if name == "" { name = f.Name } -- cgit v1.2.3